Tootfinder

The telcos keep falling.
Dutch telecom provider Odido has been hit by a major cyberattack. Criminals gained access to a file containing the data of 6.2 million accounts.
https://nos.nl/artikel/2602080-hack-bij-odido-gegevens-miljoenen-kl…

Hack bij Odido, gegevens miljoenen klanten in handen van criminelen
Onder de gegevens vallen onder meer volledige naam, adres en woonplaats, mobiele nummer, klantnummer, e-mailadres, rekeningnummer, geboortedatum en nummers en geldigheidsdatum van identiteitsbewijzen.

Grr and argh.
The people who make government websites generally tend to do a halfway decent job of meeting the spec, but they really really need to learn to push back when the spec is FUCKING STUPID.
Having just completed my "Annual Filing" with Companies House - and why is that even a thing, we're not posting fucking vellum to Victorian clerks who scurry up ladders to deposit the sacred paperwork in the appropriate filing cabinet any more - I got a new scary emai…

“A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.“
#vulnerability